Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+5 votes
3.2k views
in Q2A Core by

Hello Everyone,

  The SPAM that I get from our Q2A website at http://redbus2us.com/qa is just killing.  Users can only post questions after registration. But, still they are posting lot of spam. They seem to be autogenerated spam. I have tried changing the reCaptcha and bought the Q2A Pro premium plugin ( http://www.q2apro.com/plugins/stop-spam ), but no luck. Also, I am using the Akismet based plugin, http://qcybb.com/question2answer-akismet-plugin/ , but no luck 

Is something  hacked at the user registration level to bypass the reCaptcha or the AntiSpam plugins ?  How do I handle the SPAM ?  I am litterally killing myself unable to stop spam.

Please help

Q2A version: 1.6.3
by
Hi chinnailu, that sounds interesting. Can you just leave one or two spam posts and give us the link to check?

Please change the anti spam question, and see if this will help.

It might be that there is a person who is targeting your forum and adapting his bot to meet the captcha. However, you should find his IP and be able to block it. Do you know how?
by
I tried changing questio : Here is a sample post :
Online gold medalist astrologer ( baba ji 91=9001340118)
famous best Great online astrologer (jyotish,tantric, pandit) specialist just dail to call BABA ji91=9001340118
Make one call and get solve your problem with in 12 hours and 24hours that is 101% guaranteed
to you from baba ji 91=9001340118
Husband-Wife disturbance,
Carrier problem,
Love marriage,love back by vashiak ran and blac k magic.
Intercast love marriage
Family problems.
Get your dream love back in your life again, vasika ran specialist,
Make one call and get solution with in 24hours that is 100% guaranteed.
JAHA KOI NA KAAM TO HUMSE LE SMADHAN ROTE HUYE AOGE OR HASTE HUYA JAOGE.
IDHER UDHER NA BHATKE SAHI JAGHA CALL KRE OR SOLUTION PAYE WITH IN 11HOURS.
HERE IS GREAT ASTROLOGER ALL SOLUTION.
KUNDLI MAKIND, READING HAND,
VASTU, VASIK ARAN,LOVE LOST, HUSBAND/WIFE DISTRIBUTE, CHILDREN PROBLEM,
COURT KE KAAM, LOVE/ARRANGE MARRIGE, HAR SMSEYA KA SMADHAN PAYE.
Husband-Wife disturbance,
Carrier problem,
Love marriage,
Intercast love marriaga
Family problems.
Greh shanti kal sarp dosha manglik dosha baby name & vastu dosha.
Make one call and get solve your problem with in 24hours that is 101% guaranteed.
E-mail- amardas634@gmail.com
Mobile:: 91=9001340118
Website –
by
The IP changes constantly. I keep blocking IPs everytime there is a spam post.
by
If you have changed the question in the stop-spam-captcha and a post appeared quickly after that, it is not a bot. - Or something is bypassing the entire q2a post system. Have you got hacked?

Please enable the eventlogger plugin, and then check the incoming events that are connected to the spammer IP (see table qa_eventlog).

Btw, you can also block IP ranges if necessary.

Please report back on this.
Thanks, Kai

2 Answers

+2 votes
by

We had gotten a similar situation on PhysicsOverflow, and here is a trick to solve it.  

Search for common words in the spam that is not commonly used by genuine users. I noticed that all your spam ccontains the word "Vashikaran". It is unlikely that your genuine users would post this word on your Q/A site. Now, go to admin/spam and add "Vashikaran" into the list of censored words. 

This will stop any posts containing "Vashikaran", i.e. the spam you are receiving.    

by
Thank you for your thoughts. I believe, I am in the same boat. See above for one of the sample post. It always is about some baba and love. I just hate it. The spam hits every couple of hours and the users registrations are happening. I tried many options. I will try your idea and see if it will stop it.

Is there anything else your advise to stop it ?
Thanks for your advise.
by
I think you should not only put "Vashikaran" in the list, but any other non-English words used in the message, specifically  "IDHER", "UDHER", "BHATKE", JAGHA".
by
If he writes the same email in all his posts, you can also add his email there in the list.
by
Thanks. Unfortunately, the email is not same...it is done by a bot I think. I suspect something is bypassed at registrations or posting. Not sure...
0 votes
by

Basically what helped me are these 3 basic steps:

  • - change default text strings
  • - install "Install Very Simple Bot Protection" captcha plugin
  • - and deter Semalt using .htaccess.

More in my blog post.

...